[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ArcotSign (was Re: Does security depend on hardware?)

To: [email protected]
Subject: Re: ArcotSign (was Re: Does security depend on hardware?)
From: Douglas Hoover <[email protected]>
Date: Mon, 21 Sep 1998 17:55:12 -0700
CC: Bruce Schneier <[email protected]>, "Todd S. Glassey" <[email protected]>, Adam Shostack <[email protected]>, Lucky Green <[email protected]>, Ryan Lackey <[email protected]>, [email protected], [email protected], [email protected], [email protected]
References: <[email protected]> <[email protected]>
Sender: [email protected]

In response to the interest indicated by the discussion on coderpunks/cipherpunks
mailing lists, we have put a technical note about the Arcot key container
("software smart card") on our site at:

        http://www.arcot.com/camo2.html

We would appreciate your comments.

This note doesn't tell everything about our method--we *are* developing a
commercial product, after all--but we hope that it will suffice to show
knowledgeable readers our main ideas and convince them that a software key
container that provides protection similar to that of a smart card is in fact
possible.

I should remark that:

- Arcot key protection does not depend on making client-side
  software complicated or on keeping the algorithms secret.  It
  depends on making it hard for an attacker to tell when he has
  cracked it, by keeping information that the attacker might use
  to identify the private key out of his reach (such as the
  public key).

- Consequently, there are significant restrictions on the
  situations in which Arcot key protection works.  For example:

  - It isn't useful for encryption.
  - It isn't good for stranger-to-stranger authentication.
  - It is good for authenticating yourself to your bank, an
    online merchant with whom you have an account, or to your
    employer.

- Like smartcards, it provides two-factor authentication--you
  need to have the key container and know the password in order
  to authenticate.  Its key protection is slightly weaker because
  it is easier to steal (just copy) a card without the theft being
  noticed.

- Of course, the crypto has to be done in software.  If your
  application warrants that level of paranoia, then maybe you
  really should be using hardware--but are you sure that your
  smart card is really signing the document you think it
  is?   Most commercial applications don't warrant this level
  of paranoia.  And hardware costs money.


Regards,

Doug Hoover

begin:          vcard
fn:             Douglas Hoover
n:              Hoover;Douglas
org:            Arcot Systems
adr:            2197 Bayshore Rd;;;Palo Alto;CA;94303;US
email;internet: [email protected]
tel;work:       650 470-8203
tel;fax:        650 470-8208
x-mozilla-cpt:  ;0
x-mozilla-html: TRUE
version:        2.1
end:            vcard

References:
- Re: ArcotSign (was Re: Does security depend on hardware?)
  - From: Bruce Schneier <[email protected]>
- RE: ArcotSign (was Re: Does security depend on hardware?)
  - From: Bruce Schneier <[email protected]>

Prev by Date: Re: Stego-empty hard drives... (fwd)
Next by Date: Re: CHALLENGE? Toto/signature attack w. unpublished public key
Prev by thread: RE: ArcotSign (was Re: Does security depend on hardware?)
Next by thread: Re: ArcotSign (was Re: Does security depend on hardware?)
Index(es):
- Date
- Thread